Пример #1
 def setUp(self):
     """Builds the JSON output module, its writer and a test event for a test."""
     mediator = self._CreateOutputMediator()

     writer = cli_test_lib.TestOutputWriter()
     self._output_writer = writer

     # The module is attached to the test writer before being stored on the
     # test case, so tests can read back what the module wrote.
     json_module = json_out.JSONOutputModule(mediator)
     json_module.SetOutputWriter(writer)
     self._output_module = json_module

     self._event_object = test_lib.TestEventObject()
Пример #2
 def setUp(self):
   """Creates the writer, JSON output module and event used by each test."""
   mediator = self._CreateOutputMediator()

   test_writer = cli_test_lib.TestOutputWriter()
   self._output_writer = test_writer

   # Output from the module goes to the test writer rather than a real
   # destination.
   module_under_test = json_out.JSONOutputModule(mediator)
   module_under_test.SetOutputWriter(test_writer)
   self._output_module = module_under_test

   self._event_object = test_lib.TestEventObject()
Пример #3
    def testWriteFooter(self):
        """Checks that WriteFooter writes only the closing brace."""
        buffer = io.StringIO()

        mediator = self._CreateOutputMediator()
        json_module = json_out.JSONOutputModule(mediator)
        # The private stream is replaced by an in-memory buffer so the
        # written footer can be read back.
        json_module._file_object = buffer

        json_module.WriteFooter()

        self.assertEqual(buffer.getvalue(), '}')
Пример #4
    def testWriteEventBody(self):
        """Checks the JSON that WriteEventBody writes for the first test event.

        The written output is parsed and compared as a dict against the
        expected serialization of the event, its date and time values and
        its nested path specification.
        """
        buffer = io.StringIO()

        mediator = self._CreateOutputMediator()

        formatters_path = self._GetTestFilePath(['formatters'])
        mediator.ReadMessageFormattersFromDirectory(formatters_path)

        json_module = json_out.JSONOutputModule(mediator)
        # The private stream is replaced by an in-memory buffer so the
        # written event can be read back below.
        json_module._file_object = buffer

        evt, evt_data, evt_data_stream = (
            containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))

        json_module.WriteEventBody(evt, evt_data, evt_data_stream, None)

        timestamp = shared_test_lib.CopyTimestampFromString(
            '2012-06-27 18:17:01')

        image_path = os.path.join('cases', 'image.dd')
        if not sys.platform.startswith('win'):
            os_location = '{0:s}{1:s}'.format(os.path.sep, image_path)
        else:
            # Dict comparison is strict on Windows, so the path is
            # normalized to get the drive letter in the expected case.
            os_location = os.path.abspath('\\{0:s}'.format(image_path))

        expected_date_time = {
            '__class_name__': 'PosixTimeInMicroseconds',
            '__type__': 'DateTimeValues',
            'timestamp': 1340821021000000,
        }

        # The TSK path specification is expected to nest its OS parent.
        expected_parent_path_spec = {
            '__type__': 'PathSpec',
            'type_indicator': 'OS',
            'location': os_location,
        }
        expected_path_spec = {
            '__type__': 'PathSpec',
            'type_indicator': 'TSK',
            'location': '/var/log/syslog.1',
            'inode': 15,
            'parent': expected_parent_path_spec,
        }

        expected_event = {
            '__container_type__': 'event',
            '__type__': 'AttributeContainer',
            'date_time': expected_date_time,
            'data_type': 'test:event',
            'display_name': 'TSK:/var/log/syslog.1',
            'filename': '/var/log/syslog.1',
            'hostname': 'ubuntu',
            # The event-level inode is expected as a string, while the
            # path specification carries it as an integer.
            'inode': '15',
            'message': (
                'Reporter <CRON> PID: |8442| (pam_unix(cron:session): '
                'session closed for user root)'),
            'pathspec': expected_path_spec,
            # Unlike 'message', the raw text keeps its embedded newline.
            'text': (
                'Reporter <CRON> PID: |8442| (pam_unix(cron:session): '
                'session\n closed for user root)'),
            'timestamp': timestamp,
            'timestamp_desc': definitions.TIME_DESCRIPTION_UNKNOWN,
            # NOTE(review): '******' looks like a masked value in this
            # listing; confirm against the _TEST_EVENTS fixture.
            'username': '******',
        }
        expected_json_dict = {'event_0': expected_event}

        written = buffer.getvalue()

        # The test expects the body to be a bare "event_0" member, so it is
        # wrapped in braces before parsing. Comparing parsed dicts avoids
        # depending on key order, and json.loads also rejects output that is
        # not well-formed JSON, such as an unescaped newline in 'text'.
        parsed = json.loads('{{ {0:s} }}'.format(written))
        self.assertEqual(parsed, expected_json_dict)